CN114760062A - Unmanned aerial vehicle cluster cooperative combat data privacy protection method based on block chain - Google Patents


Info

Publication number
CN114760062A
Authority
CN
China
Prior art keywords
key
data
unmanned aerial
ciphertext
public
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202210246293.6A
Other languages
Chinese (zh)
Other versions
CN114760062B (en
Inventor
谭林
孔曼
王云丽
刘齐军
杨征
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hunan Tianhe Guoyun Technology Co Ltd
Original Assignee
Hunan Tianhe Guoyun Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hunan Tianhe Guoyun Technology Co Ltd filed Critical Hunan Tianhe Guoyun Technology Co Ltd
Priority to CN202210246293.6A priority Critical patent/CN114760062B/en
Publication of CN114760062A publication Critical patent/CN114760062A/en
Application granted granted Critical
Publication of CN114760062B publication Critical patent/CN114760062B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3239 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD
    • H04L9/006 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving public key infrastructure [PKI] trust models
    • H04L9/007 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving public key infrastructure [PKI] trust models involving hierarchical structures
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0822 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
    • H04L9/0825 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds

Abstract

The invention discloses an unmanned aerial vehicle cluster cooperative combat data privacy protection method based on a block chain. Each unmanned aerial vehicle cluster forms a task chain, each task chain corresponds to a subordinate command center, the subordinate command centers maintain the data of the block data chains, and cloud storage equipment stores the block data chain information. A proxy re-encryption technology is adopted to realize data sharing between the subordinate command centers and an advanced command center. When the advanced command center downloads required combat data from the cloud storage equipment, the request and verification process is completed by block data chain consensus. Using the mapping relation between the block data chains and the cloud storage equipment, the block data chain sends a data transmission instruction to the cloud storage equipment; after the cloud storage equipment storing the relevant data responds, a ciphertext that can be decrypted with a private key is transmitted to the advanced command center, realizing hierarchical privacy-protecting data transmission. In this process the cloud storage device serves as a semi-trusted proxy and cannot obtain the plaintext of the data, which reduces the risk of data leakage.

Description

Unmanned aerial vehicle cluster cooperative combat data privacy protection method based on block chain
Technical Field
The invention belongs to the technical field of unmanned aerial vehicle cluster cooperative combat strategy deployment data security, and particularly relates to an unmanned aerial vehicle cluster cooperative combat data privacy protection method based on a block chain.
Background
Unmanned aerial vehicles are widely applied in civil fields such as city planning, engineering supervision and logistics distribution owing to their light weight, flexibility, low maintenance cost and high maneuverability. With the continuous improvement of unmanned aerial vehicle intelligence and the increasing complexity of the battlefield environment, unmanned aerial vehicles are also gradually being applied in the military field. In practical application, however, a single unmanned aerial vehicle is restricted by energy consumption and visual range and can only work in a limited geographical area. Faced with severe operating environments and complex operational tasks, an unmanned aerial vehicle cluster (UAV swarm), in which multiple unmanned aerial vehicles operate cooperatively, overcomes the limited field of view and the energy consumption problem of a single unmanned aerial vehicle through multi-angle data sensing and sharing, realizes cooperative decision-making through swarm intelligence, improves the survivability and overall operational efficiency of the unmanned aerial vehicles, and can complete highly difficult tasks such as cluster confrontation.
However, the data collected by the unmanned aerial vehicles, and the vehicles themselves, are easy targets for hacker attacks. Once a hacker intercepts communication information or hijacks an unmanned aerial vehicle, the cluster combat environment is affected, and serious consequences such as leakage of state secrets and disturbance of social order may follow. In the special scenario of the military field, the requirement on the secure cooperation capability of unmanned aerial vehicles is therefore relatively high. To enhance the robustness and security of unmanned aerial vehicle systems, researchers have in recent years begun to use blockchain technology to address the information security issues of unmanned aerial vehicle cooperative combat. The block chain is a novel application mode of computer technologies such as distributed data storage, point-to-point transmission, consensus mechanisms and encryption algorithms.
Existing research on blockchain technology and unmanned aerial vehicle cluster data security does not really address privacy protection during the transmission of combat data. Some research renews the information system architecture through blockchain technology, which improves communication liveness and recoverability, realizes self-organized communication, achieves efficient and low-resource autonomous synchronization of unmanned cluster information through an optimized consensus mechanism, ensures the consistency of information within the unmanned cluster, keeps information sharing and synchronization efficient over the long term, and provides an efficient self-organizing data sharing capability; but this technology clearly does not solve the problems of data leakage and privacy protection during data sharing and transmission. Other research deals with information delay and network interruption, so that an unmanned aerial vehicle can ensure that its commands are correctly executed while it is offline, improving the security of information and control.
Disclosure of Invention
In order to solve at least one of the technical problems, the invention provides an unmanned aerial vehicle cluster cooperative combat data privacy protection method based on a block chain.
The purpose of the invention is realized by the following technical scheme:
The invention provides an unmanned aerial vehicle cluster cooperative combat data privacy protection method based on block chains, wherein each unmanned aerial vehicle cluster forms a task chain, each task chain corresponds to a subordinate command center, the subordinate command centers maintain the data of the block data chains, cloud storage equipment stores the block data chain information, and a proxy re-encryption technology is adopted to realize data sharing between the subordinate command centers and an advanced command center. The method specifically comprises the following steps:
S1, the subordinate command center generates a subordinate public-private key pair by adopting an asymmetric encryption algorithm, and the advanced command center generates an advanced public-private key pair by adopting an asymmetric encryption algorithm;
S2, after the unmanned aerial vehicle cluster finishes each combat mission, the subordinate command center collates the relevant combat data, encrypts the combat data with the key of a symmetric encryption algorithm to generate a combat data ciphertext, stores the combat data ciphertext in the cloud storage device, and sends the metadata of the combat data, the hash value of the combat data and the hash value of the key of the symmetric encryption algorithm to the block data chain;
S3, the subordinate command center randomly generates a random integer, encrypts the key of the symmetric encryption algorithm according to the random integer and the public key and the private key in the subordinate public-private key pair, and sends the encrypted key to the cloud storage device;
S4, the advanced command center browses the metadata of the combat data and sends a data operation request to the block data chain; the block data chain verifies the identity information of the advanced command center, and after the identity verification passes, the advanced command center obtains the corresponding data operation authority and is permitted to obtain the public key in the subordinate public-private key pair;
S5, the subordinate command center receives, from the block data chain, the data operation request of the advanced command center that has passed identity verification, generates a re-encryption key according to the public key in the subordinate public-private key pair and the public key in the advanced public-private key pair, and sends the re-encryption key to the cloud storage device;
S6, the cloud storage device generates a re-encrypted ciphertext by using the re-encryption key, and then sends the re-encrypted ciphertext and the combat data ciphertext to the advanced command center;
S7, the advanced command center calculates the key of the symmetric encryption algorithm according to the information obtained in the previous steps and compares its hash value with the hash value of the key of the symmetric encryption algorithm on the block data chain; if they are consistent, the re-encrypted ciphertext is decrypted to obtain the symmetric key, and the combat data ciphertext is decrypted with the symmetric key to obtain the original data to be queried.
As a further improvement, in step S3, encrypting the key of the symmetric encryption algorithm according to the random integer in combination with the public key and the private key in the subordinate public-private key pair includes the following steps:
S31, calculating a first intermediate quantity according to the random number;
S32, calculating a first part of ciphertext according to the key of the symmetric encryption algorithm and the public key of the subordinate public-private key pair;
S33, calculating a second part of ciphertext according to the first intermediate quantity and the key of the symmetric encryption algorithm;
S34, calculating a second intermediate quantity according to the random number, the private key of the subordinate public-private key pair and the second part of ciphertext;
S35, forming the encryption of the key of the symmetric encryption algorithm from the first part of ciphertext, the second part of ciphertext and the second intermediate quantity, and sending it to the cloud storage device.
As a further improvement, in step S6, the cloud storage device generating a re-encrypted ciphertext by using the re-encryption key includes the following steps:
S61: the cloud storage device calculates a third part of ciphertext by using the re-encryption key;
S62: a re-encrypted ciphertext is generated from the third part of ciphertext, the second part of ciphertext and the second intermediate quantity.
As a further improvement, in step S7, the advanced command center calculating the key of the symmetric encryption algorithm according to the information obtained in the previous steps includes the following steps:
S71: the advanced command center calculates a third intermediate quantity according to the second intermediate quantity, the second part of ciphertext and the public key of the subordinate public-private key pair;
S72: the key of the symmetric encryption algorithm is obtained according to the third part of ciphertext, the private key of the advanced public-private key pair and the third intermediate quantity.
As a further improvement, an oblivious transfer protocol is adopted between the subordinate command center and each task chain for combat intelligence feedback and strategy deployment interaction.
As a further improvement, a one-out-of-many (1-out-of-n) oblivious transfer protocol is adopted between the subordinate command center and each task chain to realize the combat intelligence feedback and strategy deployment interaction between the subordinate command center and each task chain.
As a further improvement, when a subordinate command center needs to learn the battle condition of a certain unmanned aerial vehicle in a certain unmanned aerial vehicle cluster in a certain task chain, the method comprises the following steps:
S21, randomly sending a battle condition feedback instruction to a plurality of unmanned aerial vehicles in the unmanned aerial vehicle cluster, including the certain unmanned aerial vehicle;
S22, the block data chain generates a public-private key pair based on an asymmetric encryption algorithm for each of the unmanned aerial vehicles that received the instruction, forming a public-private key list, collects the public keys of that list into a public key list, and sends the public key list to the subordinate command center;
S23, the subordinate command center randomly selects a large integer and encrypts it with the public key in the public key list that corresponds to the certain unmanned aerial vehicle whose battle condition is needed, obtaining a ciphertext;
S24, the plurality of unmanned aerial vehicles, including the certain unmanned aerial vehicle, receive the ciphertext, and the block data chain decrypts the ciphertext with each of the private keys in the public-private key list, obtaining a list of different random numbers;
S25, the relevant battle condition information of each of the unmanned aerial vehicles is encrypted with a lightweight symmetric cryptographic algorithm, using the entries of the random number list as symmetric keys, to obtain a symmetric ciphertext list, which is sent to the subordinate command center;
S26, the subordinate command center decrypts the ciphertexts in the symmetric ciphertext list using the randomly selected large integer as the decryption key to obtain the battle condition plaintext information of the plurality of unmanned aerial vehicles, and acquires from it the battle condition of the certain unmanned aerial vehicle that is needed.
As a further improvement, when the subordinate command center needs to learn the battle conditions of multiple unmanned aerial vehicles in the unmanned aerial vehicle cluster in a certain task chain, the randomly selected large integer in step S23 is replaced by multiple large integers.
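The 1-out-of-n exchange of steps S21 to S26, as an added example that is not code from the patent: it assumes textbook RSA (toy 512-bit keys, no padding) as the asymmetric algorithm and SHA-256 in counter mode as the lightweight symmetric cipher, and every function name and report string is hypothetical or constructed.

```python
import hashlib
import math
import secrets

E = 65537  # public exponent shared by all toy RSA keys (assumption)


def is_probable_prime(n, rounds=24):
    """Miller-Rabin primality test."""
    if n < 2:
        return False
    for sp in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % sp == 0:
            return n == sp
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def random_prime(bits):
    while True:
        cand = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(cand):
            return cand


def rsa_keypair(bits=512):
    """Textbook RSA key pair ((n, e), (n, d)); toy size, illustration only."""
    while True:
        p, q = random_prime(bits // 2), random_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and math.gcd(E, phi) == 1:
            return (p * q, E), (p * q, pow(E, -1, phi))


def stream_xor(k, data):
    """Stand-in lightweight cipher: XOR with a SHA-256 counter-mode keystream."""
    seed = k.to_bytes((k.bit_length() + 7) // 8, "big")
    stream = b"".join(hashlib.sha256(seed + i.to_bytes(4, "big")).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))


def chain_keygen(m):
    """S22: the chain creates one key pair per instructed drone."""
    pairs = [rsa_keypair() for _ in range(m)]
    return [pub for pub, _ in pairs], [priv for _, priv in pairs]


def centre_request(pub_list, t):
    """S23: pick a large integer k and encrypt it under drone t's public key."""
    n_t, e = pub_list[t]
    k = secrets.randbelow(n_t - 2) + 2
    return k, pow(k, e, n_t)


def drones_respond(c, priv_list, reports):
    """S24-S25: decrypt c under every private key; only index t yields k."""
    return [stream_xor(pow(c, d, n), rep)
            for (n, d), rep in zip(priv_list, reports)]


def centre_read(k, ct_list, t):
    """S26: k opens the entry for drone t; the other entries stay opaque."""
    return stream_xor(k, ct_list[t])


def demo(t=2):
    # Constructed sample reports, one per drone that received the instruction.
    reports = [f"uav-{i}: constructed status report".encode() for i in range(4)]
    pubs, privs = chain_keygen(len(reports))
    k, c = centre_request(pubs, t)
    cts = drones_respond(c, privs, reports)
    wanted = centre_read(k, cts, t)
    others_hidden = all(stream_xor(k, cts[i]) != reports[i]
                        for i in range(len(reports)) if i != t)
    return wanted, others_hidden


if __name__ == "__main__":
    print(demo())
```

Because the request c is always smaller than the target modulus, moduli of unequal size can leak information about t, so a deployment needs a ciphertext space common to all keys.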
The invention provides an unmanned aerial vehicle cluster cooperative combat data privacy protection method based on block chains, wherein each unmanned aerial vehicle cluster forms a task chain, each task chain corresponds to a subordinate command center, the subordinate command centers maintain the data of the block data chains, cloud storage equipment stores the block data chain information, and a proxy re-encryption technology is adopted to realize data sharing between the subordinate command centers and an advanced command center. The method specifically comprises the following steps: S1, the subordinate command center generates a subordinate public-private key pair by adopting an asymmetric encryption algorithm, and the advanced command center generates an advanced public-private key pair by adopting an asymmetric encryption algorithm; S2, after the unmanned aerial vehicle cluster finishes each combat mission, the subordinate command center collates the relevant combat data, encrypts the combat data with the key of a symmetric encryption algorithm to generate a combat data ciphertext, stores the combat data ciphertext in the cloud storage device, and sends the metadata of the combat data, the hash value of the combat data and the hash value of the key of the symmetric encryption algorithm to the block data chain; S3, the subordinate command center randomly generates a random integer, encrypts the key of the symmetric encryption algorithm according to the random integer and the public key and the private key in the subordinate public-private key pair, and sends the encrypted key to the cloud storage device; S4, the advanced command center browses the metadata of the combat data and sends a data operation request to the block data chain, the block data chain verifies the identity information of the advanced command center, and after the identity verification passes, the advanced command center obtains the corresponding data operation authority and is permitted to obtain the public key in the subordinate public-private key pair; S5, the subordinate command center receives, from the block data chain, the data operation request of the advanced command center that has passed identity verification, generates a re-encryption key according to the public key in the subordinate public-private key pair and the public key in the advanced public-private key pair, and sends the re-encryption key to the cloud storage device; S6, the cloud storage device generates a re-encrypted ciphertext by using the re-encryption key, and then sends the re-encrypted ciphertext and the combat data ciphertext to the advanced command center; S7, the advanced command center calculates the key of the symmetric encryption algorithm according to the information obtained in the previous steps and compares its hash value with the hash value of the key of the symmetric encryption algorithm on the block data chain; if they are consistent, the re-encrypted ciphertext is decrypted to obtain the symmetric key, and the combat data ciphertext is decrypted with the symmetric key to obtain the original data to be queried.
When the advanced command center downloads the required combat data from the cloud storage device, the request and verification process is completed by block data chain consensus. Using the mapping relation between the block data chain and the cloud storage device, the block data chain sends a data transmission instruction to the cloud storage device; after the cloud storage device storing the relevant data responds, the ciphertext encrypted with the public key of each subordinate command center is converted into a ciphertext that can be decrypted with the private key of the advanced command center, and the advanced command center views and uses the original data after decryption, realizing hierarchical privacy-protecting data transmission. In this process the cloud storage device, as a semi-trusted proxy, does not obtain the plaintext of the data, which reduces the risk of data leakage and avoids the cumbersome process of repeated encryption and decryption with a public-private key mechanism whenever a subordinate command center and the advanced command center transmit encrypted data.
Drawings
The invention is further illustrated by means of the attached drawings, but the embodiments in the drawings do not constitute any limitation to the invention, and for a person skilled in the art, without inventive effort, further drawings may be derived from the following figures.
FIG. 1 is a schematic diagram of data transmission according to the present invention;
FIG. 2 is a timing diagram of proxy re-encryption of the present invention;
FIG. 3 is a schematic diagram of data transmission based on an oblivious transfer protocol according to the present invention.
Detailed Description
In order to make those skilled in the art better understand the technical solution of the present invention, the following detailed description of the present invention is made with reference to the accompanying drawings and specific embodiments, and it is to be noted that the embodiments and features of the embodiments of the present application may be combined with each other without conflict.
With reference to FIG. 1 and FIG. 2, an embodiment of the present invention provides a method for protecting the privacy of cooperative combat data of unmanned aerial vehicle clusters based on a block chain. Each unmanned aerial vehicle cluster forms a task chain, each task chain corresponds to a subordinate command center, the subordinate command center maintains the data of the block data chain, and the block data chain information is stored in a cloud storage device. The block data chain and the cloud storage device are in a mapping relationship; the cloud storage device includes one or more cloud storage servers meeting the storage requirements, and when multiple cloud storage servers are used, they can share data with each other. Proxy Re-Encryption (PRE) is adopted to realize data sharing between a subordinate command center and an advanced command center. Proxy re-encryption is used in scenarios where two parties share data through a semi-honest intermediate proxy: by means of a re-encryption key, a data ciphertext encrypted with the public key of one party is converted into a ciphertext that can be decrypted with the private key of the other party. As shown in FIG. 2, the specific steps are as follows:
S1, the subordinate command center generates a subordinate public-private key pair $(pk_c, sk_c)$ by adopting an asymmetric encryption algorithm, where $pk_c$ is the subordinate public key and $sk_c$ is the subordinate private key; the advanced command center generates an advanced public-private key pair $(pk_{sc}, sk_{sc})$ by adopting an asymmetric encryption algorithm, where $pk_{sc}$ is the advanced public key and $sk_{sc}$ is the advanced private key. Here $pk = sk \cdot P$, where $pk$ is the public key of the asymmetric encryption algorithm, $sk$ is the private key of the asymmetric encryption algorithm, $sk \in F_q^*$, and $P$ is a generator of the additive cyclic group $G$ of order $q$.
S2, after the unmanned aerial vehicle cluster finishes each combat mission, the subordinate command center collates the relevant combat data, encrypts the combat data with the key KEY of a symmetric encryption algorithm to generate a combat data ciphertext cipher_f, stores the combat data ciphertext cipher_f in the cloud storage device, and sends the metadata of the combat data, the hash value of the combat data and the hash value hash(KEY) of the key KEY of the symmetric encryption algorithm to the block data chain. The metadata, also called intermediary data or relay data, is data describing the combat data, mainly information describing the attributes of the combat data, and is used to support functions such as indicating storage locations, history data, resource searching and file recording.
S3, the subordinate command center randomly generates a random integer $r \in F_q$, encrypts the key of the symmetric encryption algorithm according to the random integer and the public key and the private key in the subordinate public-private key pair, and sends the encrypted key to the cloud storage device, which comprises the following steps:
S31, calculating a first intermediate quantity $R = rP$ from the random number;
S32, calculating the first part of ciphertext $C_1 = \mathrm{KEY} \oplus \mathrm{hash}(r \cdot pk_c)$ according to the key of the symmetric encryption algorithm and the public key of the subordinate public-private key pair;
S33, calculating the second part of ciphertext $C_2 = \mathrm{hash}(R \,\|\, \mathrm{KEY})$ according to the first intermediate quantity and the key of the symmetric encryption algorithm;
S34, calculating a second intermediate quantity $\mathrm{Sig} = r + sk_c \cdot C_2$ according to the random number, the private key of the subordinate public-private key pair and the second part of ciphertext;
S35, forming the encryption of the key of the symmetric encryption algorithm, $cipher_{KEY} = (C_1, C_2, \mathrm{Sig})$, from the first part of ciphertext, the second part of ciphertext and the second intermediate quantity, and sending it to the cloud storage device.
S4, the advanced command center browses the metadata of the combat data and sends a data operation request to the block data chain; the block data chain verifies the identity information of the advanced command center, and after the identity verification passes, the advanced command center obtains the corresponding data operation authority and is permitted to obtain the public key $pk_c$ in the subordinate public-private key pair.
S5, the subordinate command center receives, from the block data chain, the data operation request of the advanced command center that has passed identity verification, generates a re-encryption key $\mathrm{Re\_key} = \mathrm{hash}(r \cdot pk_c) \oplus \mathrm{hash}(r \cdot pk_{sc})$ according to the public key $pk_c$ in the subordinate public-private key pair and the public key $pk_{sc}$ in the advanced public-private key pair, and sends it to the cloud storage device.
S6, the cloud storage device generates a re-encrypted ciphertext by using the re-encryption key, which includes the following steps:
S61: the cloud storage device calculates a third part of ciphertext $C_3 = \mathrm{Re\_key} \oplus C_1$ by using the re-encryption key Re_key;
S62: a re-encrypted ciphertext $re\_cipher = (C_3, C_2, \mathrm{Sig})$ is generated from the third part of ciphertext, the second part of ciphertext and the second intermediate quantity.
The re-encrypted ciphertext re_cipher and the combat data ciphertext cipher_f are then sent to the advanced command center.
S7, the advanced command center calculates the key of the symmetric encryption algorithm according to the information obtained in the previous steps, which specifically comprises the following steps:
S71: the advanced command center calculates a third intermediate quantity $R_1 = \mathrm{Sig} \cdot P - C_2 \cdot pk_c$ according to the second intermediate quantity, the second part of ciphertext and the public key of the subordinate public-private key pair;
S72: the key of the symmetric encryption algorithm, $M = C_3 \oplus \mathrm{hash}(sk_{sc} \cdot R_1)$, is obtained according to the third part of ciphertext, the private key of the advanced public-private key pair and the third intermediate quantity.
The hash value hash(M) of the key thus obtained is compared with the hash value hash(KEY) of the key of the symmetric encryption algorithm on the block data chain. If the two are consistent, the re-encrypted ciphertext is decrypted to obtain the symmetric key KEY, and the combat data ciphertext cipher_f is decrypted with the symmetric key KEY to obtain the original data to be queried.
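The key-transport steps S1 to S7 above, run end to end as an added example that is not code from the patent: it assumes secp256k1 as the group G with generator P, SHA-256 as hash, a 32-byte KEY, and hypothetical function names, and it leaves out the symmetric encryption of the combat data itself.

```python
import hashlib
import hmac
import secrets

# Assumption: secp256k1 stands in for the page's additive cyclic group G of
# prime order q with generator P; the page names no curve. SHA-256 is hash().
FIELD = 2**256 - 2**32 - 977
Q = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
P = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def add(a, b):
    """Add two points of y^2 = x^3 + 7; None is the identity element."""
    if a is None:
        return b
    if b is None:
        return a
    (x1, y1), (x2, y2) = a, b
    if x1 == x2 and (y1 + y2) % FIELD == 0:
        return None
    if a == b:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, FIELD) % FIELD
    else:
        lam = (y2 - y1) * pow((x2 - x1) % FIELD, -1, FIELD) % FIELD
    x3 = (lam * lam - x1 - x2) % FIELD
    return x3, (lam * (x1 - x3) - y1) % FIELD


def mul(k, pt):
    """k * pt by double-and-add (illustrative, not constant time)."""
    k, acc = k % Q, None
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc


def neg(pt):
    return None if pt is None else (pt[0], -pt[1] % FIELD)


def pt_bytes(pt):
    return pt[0].to_bytes(32, "big") + pt[1].to_bytes(32, "big")


def h_pt(pt):
    return hashlib.sha256(pt_bytes(pt)).digest()


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def keygen():                                   # S1: pk = sk * P
    sk = secrets.randbelow(Q - 1) + 1
    return sk, mul(sk, P)


def encrypt_key(key, r, sk_c, pk_c):            # S31-S35, subordinate centre
    big_r = mul(r, P)                           # R = rP
    c1 = xor(key, h_pt(mul(r, pk_c)))           # C1 = KEY xor hash(r * pk_c)
    c2 = int.from_bytes(hashlib.sha256(pt_bytes(big_r) + key).digest(), "big") % Q
    return c1, c2, (r + sk_c * c2) % Q          # (C1, C2, Sig)


def make_rekey(r, pk_c, pk_sc):                 # S5: needs the same r as S3
    return xor(h_pt(mul(r, pk_c)), h_pt(mul(r, pk_sc)))


def reencrypt(re_key, cipher_key):              # S61-S62, cloud storage
    c1, c2, sig = cipher_key
    return xor(re_key, c1), c2, sig             # (C3, C2, Sig)


def recover_key(re_cipher, pk_c, sk_sc, onchain_hash):   # S71-S72 + hash check
    c3, c2, sig = re_cipher
    r1 = add(mul(sig, P), neg(mul(c2, pk_c)))   # R1 = Sig*P - C2*pk_c
    if r1 is None:
        return None
    m = xor(c3, h_pt(mul(sk_sc, r1)))           # M = C3 xor hash(sk_sc * R1)
    ok = hmac.compare_digest(hashlib.sha256(m).digest(), onchain_hash)
    return m if ok else None                    # reject on hash mismatch


def demo():
    sk_c, pk_c = keygen()
    sk_sc, pk_sc = keygen()
    key = secrets.token_bytes(32)                # symmetric KEY (constructed)
    onchain_hash = hashlib.sha256(key).digest()  # S2: hash(KEY) on the chain
    r = secrets.randbelow(Q - 1) + 1
    stored = encrypt_key(key, r, sk_c, pk_c)
    c3, c2, sig = reencrypt(make_rekey(r, pk_c, pk_sc), stored)
    good = recover_key((c3, c2, sig), pk_c, sk_sc, onchain_hash)
    flipped = xor(c3, b"\x01" + bytes(31))       # C3 altered in storage or transit
    bad = recover_key((flipped, c2, sig), pk_c, sk_sc, onchain_hash)
    return good == key, bad


if __name__ == "__main__":
    print(demo())
```

Since $R_1$ is computed from values the cloud storage device also holds (Sig, $C_2$, $pk_c$), $C_2$ lets it test guesses of KEY offline, so KEY has to be a uniformly random key and never a password-derived one. The re-encryption key is bound to the random integer $r$, so the subordinate command center must retain $r$ from S3 until S5.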
As a further preferred embodiment, the subordinate command center and each task chain use an Oblivious Transfer (OT) protocol for the interaction of tactical intelligence feedback and strategic deployment. Oblivious transfer is a privacy-preserving two-party communication protocol in which the sender does not learn the receiver's private choice, so that the two communicating parties transmit messages in a selectively obfuscated manner; it has been continuously generalized into 1-out-of-2, m-out-of-n and other models. This embodiment adopts a 1-out-of-n (one-out-of-many) oblivious transfer protocol. When operation information feedback and strategic deployment interaction are carried out between a subordinate command center and an unmanned aerial vehicle cluster, the oblivious transfer protocol is used to call and query the operation data of an unmanned aerial vehicle in a concealed way, that is, a plurality of ciphertexts are transmitted between the subordinate command center and the unmanned aerial vehicle cluster at a time so as to obscure the combat data actually required. In this process, a maliciously monitored unmanned aerial vehicle cluster cannot learn which unmanned aerial vehicle's operation data the subordinate command center specifically needs, or to which unmanned aerial vehicle cluster a strategy is deployed, and when the senior command center calls the battle condition of a certain unmanned aerial vehicle in the cluster, the operation data of the other unmanned aerial vehicles in the cluster is not revealed, so that the data privacy of both parties is ensured.
Specifically, when the subordinate command center needs to master the battle condition of a certain unmanned aerial vehicle in an unmanned aerial vehicle cluster in a certain task chain, as shown in fig. 3, the method includes the following steps:
S21, randomly sending a battle condition feedback instruction to $n$ unmanned aerial vehicles ($n \le N$), including the certain unmanned aerial vehicle $t$, in the unmanned aerial vehicle cluster $N$;
S22, the block data chain generates, for each of the $n$ unmanned aerial vehicles receiving the instruction, a public and private key pair based on an asymmetric encryption algorithm, forming a public-private key list $(pk_1, sk_1), (pk_2, sk_2), \ldots, (pk_n, sk_n)$, generates a public key list $List\_1 = (pk_1, pk_2, \ldots, pk_n)$ from all public keys in the public-private key list, and sends it to the subordinate command center;
S23, the subordinate command center randomly selects a large integer key and encrypts it with the public key $pk_t$ in the public key list List_1 that corresponds to the unmanned aerial vehicle whose battle condition is to be mastered, obtaining a ciphertext $C_1 = En_{RSA}(pk_t, key)$, where $En_{RSA}$ is an asymmetric encryption algorithm function;
S24, the $n$ unmanned aerial vehicles, including the certain unmanned aerial vehicle $t$, all receive the ciphertext $C_1$, and the block data chain decrypts $C_1$ with each of the private keys $(sk_1, sk_2, \ldots, sk_n)$ in the public-private key list respectively, obtaining a list of different random numbers $List\_2 = (key_1, key_2, \ldots, key_n)$;
S25, the relevant battle condition information of the $n$ unmanned aerial vehicles is encrypted respectively with a lightweight symmetric cryptographic algorithm, using the entries of the random number list List_2 as symmetric keys, to obtain a symmetric ciphertext list $List\_3 = (cipher_1, cipher_2, \ldots, cipher_n)$, which is sent to the subordinate command center;
S26, the subordinate command center decrypts the ciphertexts in the symmetric ciphertext list List_3 by using the randomly selected large integer key as the decryption key to obtain battle condition plaintext information of the multiple unmanned aerial vehicles, and acquires from it the battle condition of the certain unmanned aerial vehicle to be mastered. Only the plaintext obtained by decrypting the ciphertext $cipher_t$ of the certain unmanned aerial vehicle $t$ with key is the battle condition information required by the command center; the other ciphertexts decrypt to random numbers that are irrelevant to the battle condition information of the unmanned aerial vehicle the subordinate command center needs to master.
As a further preferred embodiment, when the subordinate command center needs to master the battle conditions of multiple drones in a cluster of drones in a certain task chain, one large integer randomly selected in step S23 is adjusted to multiple large integers.
The large integer is also called a high-precision integer, meaning an integer whose precision is too great for it to be stored in a basic data type.
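The S21 to S26 exchange can be traced end to end in the following sketch, which is an added example and not code from the patent. It assumes textbook RSA with 512-bit moduli for En_RSA, a SHA-256 keystream with an HMAC tag as a stand-in for the lightweight symmetric cipher, and one added hardening step (resampling until C1 is smaller than every modulus, so C1 has the same distribution whichever index is chosen); all function names are hypothetical.

```python
import hashlib, hmac, secrets

E, BITS = 65537, 256  # public exponent (prime); prime size, so moduli are 2*BITS bits

def _is_prime(n, rounds=24):  # Miller-Rabin probabilistic primality test
    if n < 4 or n % 2 == 0:
        return n in (2, 3)
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x != 1 and all(pow(x, 2 ** r, n) != n - 1 for r in range(s)):
            return False
    return True

def _prime():
    while True:  # top two bits set, so every modulus has exactly 2*BITS bits
        c = secrets.randbits(BITS) | (3 << (BITS - 2)) | 1
        if (c - 1) % E and _is_prime(c):
            return c

def rsa_keypair():  # toy size, textbook RSA: illustration only
    p, q = _prime(), _prime()
    return (p * q, E), (p * q, pow(E, -1, (p - 1) * (q - 1)))

def _kdf(key_int, label):  # separate encryption and MAC keys from one integer
    return hashlib.sha256(label + key_int.to_bytes(BITS // 4, "big")).digest()

def _xor_stream(k, data):
    blocks = (hashlib.sha256(k + i.to_bytes(4, "big")).digest()
              for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, b"".join(blocks)))

def sym_encrypt(key_int, msg):  # stand-in (assumption) for the lightweight cipher
    ct = _xor_stream(_kdf(key_int, b"enc"), msg)
    return ct + hmac.new(_kdf(key_int, b"mac"), ct, hashlib.sha256).digest()

def sym_decrypt(key_int, blob):  # returns None when the key is wrong
    ct, tag = blob[:-32], blob[-32:]
    ok = hmac.compare_digest(tag, hmac.new(_kdf(key_int, b"mac"), ct, hashlib.sha256).digest())
    return _xor_stream(_kdf(key_int, b"enc"), ct) if ok else None

def sender_setup(count):  # S22: one key pair per candidate, publish List_1
    pairs = [rsa_keypair() for _ in range(count)]
    return [pk for pk, _ in pairs], [sk for _, sk in pairs]

def receiver_choose(list_1, t):  # S23: C1 = En_RSA(pk_t, key)
    n_t, e = list_1[t]
    n_min = min(n for n, _ in list_1)
    while True:  # added hardening (assumption): resample until C1 < every modulus
        key = secrets.randbelow(n_t - 2) + 2
        c1 = pow(key, e, n_t)
        if c1 < n_min:
            return key, c1

def sender_respond(privs, c1, reports):  # S24-S25: key_i = C1^d_i mod n_i, then cipher_i
    return [sym_encrypt(pow(c1, d, n), m) for (n, d), m in zip(privs, reports)]

def receiver_open(key, list_3):  # S26: only cipher_t authenticates under key
    return [sym_decrypt(key, c) for c in list_3]

def demo(t=2):
    reports = [b"report-0", b"report-1", b"report-2", b"report-3"]  # constructed sample data
    list_1, privs = sender_setup(len(reports))
    key, c1 = receiver_choose(list_1, t)
    return receiver_open(key, sender_respond(privs, c1, reports)), reports
```

The authentication tag is what lets the receiver recognise the one meaningful plaintext among the n - 1 entries that decrypt under unrelated keys.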
In the description above, numerous specific details are set forth in order to provide a thorough understanding of the present invention, however, the present invention may be practiced otherwise than as specifically described herein and, therefore, should not be construed as limiting the scope of the present invention.
In conclusion, although the present invention has been described with reference to the preferred embodiments, it should be noted that those skilled in the art can make various changes and modifications, and these should be included in the scope of the present invention as long as they do not depart from it.

Claims (8)

1. A privacy protection method for cooperative combat data of unmanned aerial vehicle clusters based on block chains, characterized in that data sharing between a subordinate command center and an advanced command center is realized by adopting a proxy re-encryption technology, and the method comprises the following specific steps:
S1, the subordinate command center adopts an asymmetric encryption algorithm to generate a subordinate public and private key pair, and the advanced command center adopts an asymmetric encryption algorithm to generate an advanced public and private key pair;
S2, the subordinate command center arranges the relevant combat data after the unmanned aerial vehicle cluster finishes each combat mission, encrypts the combat data by using the key of the symmetric encryption algorithm to generate a combat data ciphertext, stores the combat data ciphertext in the cloud storage device, and sends the metadata of the combat data, the hash value of the combat data and the hash value of the key of the symmetric encryption algorithm to the block data chain;
S3, the subordinate command center randomly generates a random integer, encrypts the key of the symmetric encryption algorithm according to the random integer and the public key and the private key in the subordinate public and private key pair, and sends the encrypted key to the cloud storage device;
S4, the advanced command center sends a data operation request to the block data chain by browsing the metadata of the combat data, the block data chain verifies the identity information of the advanced command center, and after the identity verification is passed, the advanced command center obtains the corresponding data operation authority and is permitted to obtain the public key in the subordinate public and private key pair;
S5, the subordinate command center receives the data operation request of the block data chain after the advanced command center's identity verification passes, generates a re-encryption key according to the public key in the acquired subordinate public and private key pair and the public key in the advanced public and private key pair, and sends the re-encryption key to the cloud storage device;
S6, after the cloud storage device generates a re-encrypted ciphertext by using the re-encryption key, the re-encrypted ciphertext and the combat data ciphertext are sent to the advanced command center;
S7, the advanced command center calculates and obtains the key of the symmetric encryption algorithm according to the information obtained in the previous step, compares its hash with the hash value of the key of the symmetric encryption algorithm on the block data chain, decrypts the re-encrypted ciphertext to obtain the symmetric key if they are consistent, and then decrypts the combat data ciphertext through the symmetric key to obtain the original data to be queried.
2. The method as claimed in claim 1, wherein the step S3 of encrypting the key of the symmetric encryption algorithm according to the random integer in combination with the public key and the private key of the subordinate public and private key pair comprises the following steps:
S31, calculating a first intermediate quantity according to the random number;
S32, calculating a first part of ciphertext according to the key of the symmetric encryption algorithm and the public key of the subordinate public and private key pair;
S33, calculating a second part of ciphertext according to the first intermediate quantity and the key of the symmetric encryption algorithm;
S34, calculating a second intermediate quantity according to the random number, the private key of the subordinate public and private key pair and the second part of ciphertext;
S35, encrypting the key of the symmetric encryption algorithm according to the first part of ciphertext, the second part of ciphertext and the second intermediate quantity, and sending the result to the cloud storage device.
3. The unmanned aerial vehicle cluster cooperative combat data privacy protection method based on the blockchain as claimed in claim 2, wherein in the step S6, the cloud storage device generates the re-encrypted ciphertext by using the re-encryption key, including the steps of:
S61: the cloud storage device calculates a third part of ciphertext by using the re-encryption key;
S62: a re-encrypted ciphertext is generated according to the third part of ciphertext, the second part of ciphertext and the second intermediate quantity.
4. The unmanned aerial vehicle cluster cooperative combat data privacy protection method based on the blockchain as claimed in claim 3, wherein in the step S7, the advanced command center calculates and obtains the key of the symmetric encryption algorithm according to the information obtained in the previous step, and the method comprises the following steps:
S71: the advanced command center calculates a third intermediate quantity according to the second intermediate quantity, the second part of ciphertext and the public key of the subordinate public and private key pair;
S72: the key of the symmetric encryption algorithm is obtained according to the third part of ciphertext, the private key of the advanced public and private key pair and the third intermediate quantity.
5. The unmanned aerial vehicle cluster cooperative combat data privacy protection method based on the blockchain as claimed in claim 1, wherein an oblivious transfer protocol is adopted between the subordinate command center and each task chain for combat intelligence feedback and strategic deployment interaction.
6. The unmanned aerial vehicle cluster cooperative combat data privacy protection method based on the blockchain as claimed in claim 5, wherein a one-out-of-many (1-out-of-n) oblivious transfer protocol is adopted between the subordinate command center and each task chain to realize combat intelligence feedback and strategic deployment interaction between the subordinate command center and each task chain.
7. The unmanned aerial vehicle cluster cooperative combat data privacy protection method based on the blockchain as claimed in claim 6, wherein when a subordinate command center needs to master the battle condition of a certain unmanned aerial vehicle of an unmanned aerial vehicle cluster in a certain task chain, the method comprises the following steps:
S21, randomly sending a battle condition feedback instruction to a plurality of unmanned aerial vehicles, including the certain unmanned aerial vehicle, in the unmanned aerial vehicle cluster;
S22, the block data chain generates a public and private key pair based on an asymmetric encryption algorithm for each of the multiple unmanned aerial vehicles receiving the instruction, forming a public and private key list, generates a public key list from all the public keys in the public and private key list, and sends the public key list to the subordinate command center;
S23, the subordinate command center randomly selects a large integer and encrypts the large integer by using the public key in the public key list corresponding to the certain unmanned aerial vehicle whose battle condition is to be mastered, to obtain a ciphertext;
S24, the multiple unmanned aerial vehicles, including the certain unmanned aerial vehicle, receive the ciphertext, and the block data chain decrypts the ciphertext by using each of the private keys in the public and private key list respectively to obtain a list of different random numbers;
S25, respectively encrypting the relevant battle condition information of the plurality of unmanned aerial vehicles by adopting a lightweight symmetric cryptographic algorithm with the entries of the random number list as symmetric keys, to obtain a symmetric ciphertext list, and sending the symmetric ciphertext list to the subordinate command center;
S26, the subordinate command center decrypts the ciphertexts in the symmetric ciphertext list by using the randomly selected large integer as the decryption key to obtain the battle condition plaintext information of the multiple unmanned aerial vehicles, and acquires from the multiple plaintexts the battle condition of the certain unmanned aerial vehicle to be mastered.
8. The method for protecting privacy of cooperative combat data of unmanned aerial vehicle cluster based on blockchain as claimed in claim 7, wherein when the subordinate command center needs to master the battle conditions of multiple unmanned aerial vehicles in the unmanned aerial vehicle cluster in a certain task chain, the randomly selected large integer in step S23 is adjusted to be a plurality of large integers.
CN202210246293.6A 2022-03-14 2022-03-14 Unmanned aerial vehicle cluster collaborative combat data privacy protection method based on block chain Active CN114760062B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210246293.6A CN114760062B (en) 2022-03-14 2022-03-14 Unmanned aerial vehicle cluster collaborative combat data privacy protection method based on block chain


Publications (2)

Publication Number Publication Date
CN114760062A true CN114760062A (en) 2022-07-15
CN114760062B CN114760062B (en) 2023-10-20

Family

ID=82327004

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210246293.6A Active CN114760062B (en) 2022-03-14 2022-03-14 Unmanned aerial vehicle cluster collaborative combat data privacy protection method based on block chain

Country Status (1)

Country Link
CN (1) CN114760062B (en)


Also Published As

Publication number Publication date
CN114760062B (en) 2023-10-20


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant